Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gnutella Vs. SPAM

Posted by CmdrTaco on from the how-do-you-handle-this dept.

darekana writes: "I know you've heard the quote: 'Every new medium will be used for sex.' Well, every new medium also appears to be used for advertising. Gnutella vs. Flatplanet.net who will win? From the 'ShareZilla' developers' mouths: 'When the fine folks at Gnutella find a way to filter ShareZilla, we will figure out how to get around their new filters. A subscription to ShareZilla entitles you to that new version of our software at no additional charge.' Beyond the $74.95 (US) initial charge that is."

9 of 274 comments (clear)

  1. flatplanet.net Shut Down (aka Re:What?) by slashdevnull · · Score: 5
    For those of you wondering what happened to http://www.flatplanet.net, they have been shut down. The timing of this article on /. could not have been timed better, as www.flatplanet.net was scheduled for disconnect today due to complaints against the software they sell, which was found to be against DSL.net's AUP and TOS.

    Like any true spam promoter on the Internet, alas, they will most likely move their operations and continue with their unethical practices. :P

    Thanks for reading, and not spamming,

    Al Gordon
    Sr. UNIX Systems Administrator
    DSL.net, Inc.
    http://www.dsl.net/

  2. Re:Slashdot values by skimmer · · Score: 5

    It's not so much the what as the how. If someone were doing this with ANY OF THE CATEGORIES you mentioned -- making every search return an exact match to a renamed file which turns out to be child pornography or bomb making instructions every time -- you'd better believe they'd be taking the same heat, and rightly so. But of course, where's the money in doing that?

    Legal commercial advertisements are fine, but this delivery method is NOT. They are not being censored. Imagine if you were looking for a book in a library, and you picked a few up and checked them out, only to find that although the cover looked like the book you wanted, ALL OF THE INSIDE PAGES WERE ADS. Imagine that this happened with every book in the library. You can see how this would piss people off no matter what was in the book -- the point was it's not what you requested.

  3. I have a new spam address by Anonymous Coward · · Score: 5

    I will be using justinalexander@usa.net for my spam address from now on, since Justin is such a big fan of spam.

    I encourage you to join me.

    (before you moderate me down, do a whois on flatplanet.net.)

  4. Re:What? by bgarrett · · Score: 5


    Has anyone considered looking for buffer overflows in the ShareZilla code? send a targeted request for '0xFF, 0xFF' or what-have-you and watch the spam factory turn to Jell-o.

    --
    Nothing worth doing is worth doing today.
  5. Since the site's slashdotted already... by Deven · · Score: 5
    I managed to fetch the text of the front page of the flatplanet.net website before it got slashdotted. Here it is:
    What is ShareZilla?

    ShareZilla is a quick, cheap, and easy way to promote your products, services and web-sites across the latest and greatest thing on the Internet: Gnutella. ShareZilla intercepts every Gnutella search that comes across its network horizon and re-transmits an ad back to the person originating the request. In addition, ShareZilla can transmit an MP3 file (if that's what the user is requesting), or it can transmit a Movie, Text, HTML, VS, etc.

    When the search originator sends out a request like:
    "Strawberry Rhubarb Pie"
    ShareZilla will return a string like this:
    "WWW.FlatPlanet.Net - Strawberry Rhubarb Pie.mp3"

    This is very useful if you're on the web to make money. If you're not on the web to make money, this is just a really neat way of finding out about the latest commercial press release about Strawberry Rhubarb Pie.

    What is Stealth Mode?

    While running in stealth mode ShareZilla responds to search requests with a advertisement string, instead of a file. Since the viewer of the ad does not need to download any files (or viruses) to their system to get your ad across, ShareZilla takes the opportunity to scramble its home IP address and other identifiying data that would otherwise be necessary to download a file, or find out who and where you are.

    Since the response to the search does not include any return address, ShareZilla uses Gnutella Net's natural anonimity to keep your home IP address from being discovered. This way you don't have to wory about any number of hack attacks, which can only be done once the hacker knows your home IP.
    As I mentioned in my previous post, I consider this a clearcut case of network abuse. The very existence of this "stealth mode" is obvious evidence that they know how unscrupulous their actions are, but they clearly don't care...
    --

    Deven

    "Simple things should be simple, and complex things should be possible." - Alan Kay

  6. FlatPlanet are wrong - they can be banned by Mike+Connell · · Score: 5

    FWIW I wrote a gnutella clone in the early days, but I never got around to completing it. Back then, Gnutella itself wasn't too stable (TTL wraparound anyone?), and a lot of clone developers were sticking their creations on the net before they were (how shall I say it) properly debugged.

    Anyway, as a consequence of this, I started collecting good/bad host information - I kept notes on the number of good (valid) and bad (invalid) packets coming in on every connection. Once the bad packets accounted for a certain percentage of the total packets, I said "fsck you" to the connection. Now note, it's not the node that you have the connection to that's creating the bad packets, it's just doing it's job in passing them around. What I was saying is "Hey, you're sending me junk - I don't care if it's not yours, I'm dropping you and talking to someone else". I would drop the connection, blacklist it for a few days, and start a new one instead. During the TTL wraparound time, whilst gnutella was totally unusable, my client was merely slow.

    To get to the point: If every client allowed the user to say "this reply is spam", the route can be traced back (via MessageID) in the net to the clients that have a direct connection to the spambot. By creating a new (routed, so efficient) spam alert message, a client could be informed that one of it's neighbours was a spambot, and so (voluntarily) agree to both drop the spambot from the net *and* reply with the ip:port pair of the spambot, this could then be used to blacklist the ip:port pair for a limited time (again, voluntarily, per client).

    Given that ip address are not yet (cf. ipv6) a dime-a-dozen, FlatPlanet would have to keep finding a new suply ip address blocks from which to attack.

    I haven't kept up to date on gnutella development, but there must be a sizeable number of clones (with source!) by now. The major problem would be in moving people from the old unmodifiable Gnutella client, to a "new and improved" clone.

    best wishes,
    Mike.

    --
    Tales from behind the Lagom Curtain
  7. More Insidious Than Spam is Harassment by InitZero · · Score: 5

    For a week in July, a pissed-off spammer returned
    my email address as every gnutella response...

    gnut> find anything
    CURRENT RESPONSES
    -----------------
    1) email matt@steinhoff.net for kiddie porn and anything
    216.10.33.21:6345 size:80.854M ref:84279680 speed:10000

    I got thousands of email messages looking for

    child porn and else
    before I nailed the guy.

    When the search is distributed, the abuse is
    distributed as well.

    InitZero

  8. Re:Network Abuse by Ketzer · · Score: 5

    "Hackers view advertising as damage, and route around it."

    I like that, I think I'm gonna quote you on that one.

    I see this as a serial killer unleashed on the bootlegging community of Prohibition times. A large community of people breaking the law, but whose only real harm is that perhaps they're depriving companies of revenue. Now they aren't being arrested, but are instead being attacked by other citizens.

    I'm not sure how the morality all works out in the end, but in the meantime, I think it's probably a bad idea to directly antagonize the hacker community. Sure, the majority of Gnutella's users are relatively ignorant mp3 and porn sharers, but it's a powerful Open Source networking tool, and has support from some skilled people. If flatplanet declares war on the Gnutella community, I'm betting on Gnutella in the long run.

    Besides, how effective can the ads be? I know I would be less likely to buy from a company that was already antagonizing me and whose advertising was presented in the form of an attack.

  9. A better answer by SaoSao · · Score: 5

    I've been thinking about this one for a little while. (They've been doing this sort of crap ever since I started playing with gnuttella). I think the thing to do is have the client send out a random search string when it first starts off. Any responses to it should then be filtered out. Problem solved